NCMD: Benign-Anchored Feature Selection for Imbalanced Network Intrusion Detection

Feature selection is critical for network intrusion detection systems NIDS operating under high-dimensional, highly imbalanced traffic, as found in operational and defense networks. Traditional filter methods rank features using global statistics computed symmetrically across classes and thus fai...

PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context

Summary PraisonAI's direct-prompt CLI automatically expands @url: mentions in raw prompt text before agent execution begins. If a prompt contains @url:, the CLI calls MentionsParser.process.... The @url: handler then performs a direct urllib.request.urlopen request to the attacker-controlled URL...

Astra Linux - уязвимость в zabbix

JavaScript preprocessing can be exploited by attackers to gain access to the file system read-only access on behalf of the user “zabbix” on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

Astra Linux – Vulnerability in Zabbix

JavaScript preprocessing, webhooks, and global scripts can lead to uncontrolled utilization of CPU, memory, and disk I/O resources. The ability to preprocess/webhook/configure and test global scripts is only available to Administrative roles Admin and Superadmin. Administrative privileges should...

CVE-2025-47390

Memory corruption while preprocessing IOCTL request in JPEG driver...

EUVD-2025-209225

Memory corruption while preprocessing IOCTL request in JPEG driver...

CVE-2025-47390

Memory corruption while preprocessing IOCTL request in JPEG driver...

CVE-2025-47390 Buffer Over-read in Camera

Memory corruption while preprocessing IOCTL request in JPEG driver...

CVE-2025-47390

CVE-2025-47390 describes memory corruption during preprocessing of an IOCTL request in the JPEG driver (also referenced as a Camera-related issue). The vulnerability is categorized with high impact (CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and requires local access with low privileges; ther...

CVE-2025-47390 Buffer Over-read in Camera

Memory corruption while preprocessing IOCTL request in JPEG driver...

PT-2026-30636

Memory corruption while preprocessing IOCTL request in JPEG driver...

Machine Learning Transferability for Malware Detection

Malware continues to be a predominant operational risk for organizations, especially when obfuscation techniques are used to evade detection. Despite the ongoing efforts in the development of Machine Learning ML detection approaches, there is still a lack of feature compatibility in public...

Shape and Substance: Dual-Layer Side-Channel Attacks on Local Vision-Language Models

On-device Vision-Language Models VLMs promise data privacy via local execution. However, we show that the architectural shift toward Dynamic High-Resolution preprocessing e.g., AnyRes introduces an inherent algorithmic side-channel. Unlike static models, dynamic preprocessing decomposes images in...

CVE-2025-33249

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

CVE-2025-33249

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

CVE-2025-33249

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

CVE-2025-33249

CVE-2025-33249 affects NVIDIA NeMo Framework on all platforms, specifically a vulnerability in a voice-preprocessing script that could allow attacker-crafted input to trigger code injection. The Red Hat advisories and NVIDIA bulletin corroborate a vulnerability with potential code execution, priv...

CVE-2025-33249

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

CVE-2025-33249

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

NVIDIA Nemo Framework 命令注入漏洞

NVIDIA Nemo Framework is a framework developed by NVIDIA Corporation in the United States for building and deploying generative AI models. The NVIDIA NeMo Framework has a command injection vulnerability. This vulnerability arises from malicious inputs created by attackers in the voice preprocessi...